Cybersecurity Consultant Skills, Experience, and Job Requirements

CYBERSECURITY CONSULTANT SKILLS, EXPERIENCE, AND JOB REQUIREMENTS

Updated: October 3, 2024 - The Cybersecurity Consultant utilizes expertise in technical concepts and cyber threats to deliver customized security solutions for clients. This role involves conducting engaging workshops and creating client-facing materials to enhance understanding of cybersecurity trends and risks. Effective collaboration with stakeholders and a commitment to continuous learning are key to driving successful security strategies.

Essential Hard and Soft Skills for a Standout Cybersecurity Consultant Resume

Network Security
Incident Response
Vulnerability Assessment
Penetration Testing
Risk Assessment
Security Auditing
Malware Analysis
Security Frameworks
Cloud Security
Data Encryption

Communication
Problem-Solving
Collaboration
Adaptability
Attention to Detail
Critical Thinking
Leadership
Time Management
Empathy
Negotiation

Summary of Cybersecurity Consultant Knowledge and Qualifications on Resume

1. BS in Cybersecurity with 2 years of Experience

Hands-on experience in one or more of the following security areas: network design, applications development, Internet of Things, wireless communications, cryptography, hardware design protection, mobile management, cloud hosting design and implementation, DevSecOps consulting, design and implementation of CI/CD pipelines, etc.
Possess CISSP and/or CISA certifications. Having cloud security or DevSecOps related certification
Knowledge and experience of IM8 policies, ISO/IEC 27001/2 standards.
Knowledge and experience of operational security management techniques, architecture and designs.
Knowledge of cybersecurity attributes (e.g. confidentiality, integrity, availability, accountability, assurance, etc.) and security measures (e.g. authentication, authorisation etc.).
Knowledge and experience of risk management methodologies and risk evaluation techniques.
Able to articulate cybersecurity risks, mitigation measures and residual risks to stakeholders.
Knowledge of system security architecture concepts including network topology, protocols, components and principles (e.g. application of Defence in-depth)
Able to specify where and how security controls should be applied to or engineered into the security design.
Experience building & refining packaged service offerings.

2. BS in Information Technology with 5 years of Experience

Ability to mentor more junior members of the team and develop everyones technical skills.
Previous consulting experience, especially working at a managed IT service provider.
Experience performing risk assessments using various NIST, ISO, CMMC and other frameworks
CISSP, MCP, MCSE or other related certifications
Experience with software development, system architecture, and/or databases
Experience in technical consulting, with a focus on cybersecurity.
Excellent communication skills (verbal, written, and via presentations): able to clearly articulate and tailor complex ideas based on a situation for executive level consumption.
Advanced problem-solving skills: able to use prior experience and knowledge to address new situations, especially during interactions with customers.
Advanced analytical skills: able to use prior experience and knowledge to seamlessly incorporate new knowledge or information during customer interactions.

3. BS in Computer Science with 3 years of Experience

Experience in cyber incident management, threat hunting and threat intelligence.
Experience in collecting logs from and utilising HIDS, IDS/IPS systems, SIEMs, AD controllers and firewalls.
Ability to correlate events from various sources to create incident timelines.
Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
Able to communicate at all levels, adapting the style of communication to meet the needs of the audience
Strong understanding of enterprise-grade technical security controls and defence in depth practices.
An excellent attitude and the willingness to learn and study for certifications.
Solid understanding and experience in dealing with network architecture, web applications and associated device
Ability to effectively plan and coordinate projects
Excellent written and verbal communication skills
Demonstrate a high level of accuracy and attention to detail
Demonstrate a flexible approach to work and a high level of self-motivation
Ability to exercise discretion and confidentiality

4. BS in Information Security with 4 years of Experience

Hands-on experience with cloud architecture and security, security solutions including endpoint security, vulnerability management, network security technologies such as firewalls and IPS/IPS, content filtering, authentication systems, log management, and encryption
Knowledge of IT policy and procedure development
Knowledge and experience with security and privacy strategies and/or architecture
Experience with security architecture including PCI
Ability to multi-task and prioritize in a rapidly growing, fast-paced interactive, results-based team environment
Excellent writing skills and the ability to communicate technical details in simple terms
Excellent organizational skills and strong attention to detail
Strong analytical and problem-solving skills
Produce high-quality deliverables, reports, and presentations for client management and technology partners

5. BS in Computer Engineering with 5 years of Experience

Experience with any of the following tools: SailPoint, CyberArk, SentinelOne, AWS, Azure, Twistlock
Experience leveraging technologies to discover, inventory, and map data assets across complex environments
An outstanding ability to analyze problems, apply quantitative analytical approaches, communicate effectively and confidently (both oral and written), work well in cross-functional teams
Excellent and efficient skills using MS Excel and PowerPoint tools
Experience in developing and publishing technical documentation
Experience in developing and documenting technical processes
Substantive experience providing document/process development support for a cybersecurity organization
Experience with producing technical design specification documentation by consultation with a system engineer
Impeccable mastery of English language and grammar
Master of MS Word, with very strong skills in MS PowerPoint and Visio
Strong written communications skills with a high degree of attention to detail
Experience with ITIL-based operations

6. BS in Network Security with 3 years of Experience

Experience with configure and manage switches, routers and firewalls
Experience in a combination of risk management, information security, and IT jobs
Successful experience in implementing cybersecurity products in manufacturing environments
Successful experience creating ICS security monitoring and remediation policies using industry-standard reference architecture mapping such as the IEC62443
Technical knowledge of OT technologies, networking and protocols
Experience with monitoring, analysing and understanding log sources for threat hunting
Experience with SIEM and/or IDS/IPS technologies and advanced knowledge of detection rules/signatures creation
Experience with AV, EDR, Orchestration security platforms or similar
Experience in at least one programming language such as Python, Javascript, etc.

7. BS in Information Assurance with 4 years of Experience

Knowledge of common system exploits, network attacks, phishing techniques and malware
Experience with security tooling and features in AWS, Azure, Google or others
Ability to quickly comprehend the functions and capabilities of new technologies
Be able to work in a global environment, with virtual teams and customer sites
Effectively communicates in English at different levels in the organization
Fluency in written and spoken English and Spanish and other languages
Strong self-learning, organization, and planning skills
Proven team player, collaborating well with others to tackle problems in a team-focused dynamic
Excellent written and communications skills
Excellent good communication, teamwork, accountability, problem solving and customer service skills.

8. BS in Software Engineering with 3 years of Experience

IT security experience in IT security consultancy, and security operations (which includes experience in management, deployment and maintenance of security for ICT systems).
Knowledge and experience in ICT security risk management methodologies and risk evaluation techniques.
Able to articulate cybersecurity risks, mitigation measures and residual risks orally and in writing to stakeholders, in an easily understood and actionable manner.
Knowledge of security technologies (such as SIEM, Log Management and Analysis Tools, firewall, cryptography, vulnerability scanning tools, endpoint security, identity and access management), and frameworks (such as MITRE ATT&CK framework), and security domains (such as network security, cloud security and application security).
Advanced Knowledge of accreditation processes and methods (NATO/OCCAR/EU…)
Effective communicator with great interpersonal skills and customer focus
Ability to communicate with internal and external senior management confidently
High engagement and distinct flexibility Team spirit and share expertise within a team Ability to identify up-sell opportunities
Ability to coach others in the gathering of requirements, designs, plans and estimates
Full professional proficiency in French and English

9. BS in Data Science with 5 years of Experience

Experience in communicating in Bahasa Indonesia and English proficiently both in written and spoken language in the business context both for internal coordination and client-facing.
Experience in delivering cybersecurity services, preferably for multinational companies.
Experience in working with different units/parties on security-related matters.
Having the required knowledge to work in security information and/or cybersecurity matters.
Having worked with information security, cybersecurity or similar regulations or standards (ISO27001, PCI-DSS, SOC II, etc.)
Having a certification of any of these standards or being in the process of certificating oneself.
Having the know how to assess risks and develop security standards, procedures and controls to manage them.
Able to communicate in Spanish and English, spoken and written.
Experience documenting policies, procedures and processes related to information security and/or cybersecurity.

10. BS in Electrical Engineering with 7 years of Experience

Experience in cyber/information security (excluding internships, co-ops, and fellow/research)
Experience working as a consultant or professional experience working in Compliance or Cybersecurity related field for an electric utility, Region, NERC, FERC, SERC, or equivalent
Demonstrated working proficiency in the NERC Security Standards or equivalent standards
Strong project management skills
Strong communications skills, including both written and verbal
Strong critical analysis and problem-solving skills
Highly developed organizational and management skills
Ability to manage multiple time-sensitive priorities without diminished effectiveness
Microsoft Security Control knowledge (Defender for Endpoint, Identity, O365, Azure, Sentinel)
Experience designing and delivering capability within a financial services environment
Experience working in a SOC or Incident Response position.

11. BS in Management Information Systems with 4 years of Experience

Experience managing standard security controls e.g EDR, NAD, SIEM, etc
MITRE Att&ck understanding and awareness
Knowledge of or experience working with security (SIEM, NetFlow, IDS/IPS, Anti-Virus)
Experience explaining the risk of security threats and creating mitigations.
Experience in general IT infrastructure technologies and principles.
Understanding of the underlying protocols including: HTTP, HTTPS, SMTP, SQL.
Understanding of Networking Architecture (OSI Model).
Experience using data science or advance analytical tools to solve security incidents.
Programming experience (PowerShell, Bash, Python, JavaScript)
Experience dealing with security incidents using the NIST framework.

12. BS in Information Systems Management with 3 years of Experience

Experience with cyber security consulting, leading security project delivery teams in private sector organizations
Experience with information security and assessment frameworks, including ISO 27001/2, COBIT, or NIST
Experience presenting to clients, delivering workshop sessions, and developing client-facing materials
Knowledge of technical concepts, including operating systems, software development and networking
Knowledge of cyber threats, current cyber security trends and latest cyber intelligence and news
Ability to develop and apply risk principles to custom client situations
Ability to drive the identification and implementation of security solutions to resolve client problems
Ability to work and collaborate with multiple stakeholders and Internal and external clients
Ability to learn new and varied IT skills and concepts, and develop cyber security expertise
Experience in a security operations-focused role including, incident handler, vulnerability analyst, red teamer, pen-tester, threat intelligence analyst or threat hunter
Experience in a management consulting role including, cyber strategy, maturity or risk assessment, cyber program design, control testing and design
Experience supporting business development activities including, developing proposals, client account management, sales and pipeline management
Experience managing project teams and mentoring others

13. BS in Cyber Operations with 4 years of Experience

Experience with the IEC62443 standard for security in control and automation systems
Cyber security certifications like CISSP, CISM, CRISC, CEH or CCSK
Good written and spoken communication skills, precise, efficient, structured and clear
A positive, constructive, and solution-oriented “can-do” attitude
Experience in cybersecurity consulting, system integration & commissioning and risk assessments of operational technologies environment.
Knowledge of industrial protocols and standards like IEC 62443, ISO 27001, NIST 800 - 82, NERC CIP, IEC 62351, IEC 60870, DNP 3, Modbus, DLMS, Zigbee SEP, CIM etc.
Expertise in identifying security vulnerabilities of different industrial control devices/system, network traffic and other industrial applications.
Strong understanding of networking protocols/TCP/IP Stack and OT communication protocols including Common Industrial Protocol (CIP), MODBUS, DNP3, Profibus, Profinet, Ethernet, OPC
Experience in Next-Gen Firewalls, Industrial deep packet inspection, OT firewalls, Endpoint security.

14. BS in Information Technology with 7 years of Experience

Profound professional experience in information technology, Cyber security as well as experience with security in agile ways of working, DevSecOps
Good knowledge/experience with securing cloud environments, web services, CI/CD pipelines, container security, connectivity, user access management, networks, and penetration testing experience beneficial.
One or more of the following: CISSP, CISM, CISA, CRISC, ISO 27001 Lead Auditor, GIAC, TOGAF, SABSA or equivalent
Strong experience in Cyber Security
Experience in a security analyst, engineer, architect, consultant, or a similar role
Professional experience in penetration testing and code review
Technical knowledge across a broad range of computing platforms and network protocols
High proficiency in a variety of operating systems such as Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
High proficiency in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)
Proven professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
Deep knowledge of both static and dynamic analysis of an application, be it web-based, mobile app, or standalone
Ability to review source code, including the evaluation of best practices for the platform/framework in use

15. BS in Information Technology with 7 years of Experience

Working experience on industry OT systems (electrical power system, oil and gas, or renewable energy)
Deep domain knowledge in industry OT business processes, IT/OT architectures, 7 layers of OSI model, and standard industrial communication protocols (MODBUS, IEC 104, DNP3, IEC 61850)
Passionate about network engineering, computer engineering, and cyber security
Hands-on experience in cyber security assessment, system automation projects, programming, system administration (Windows/Unix/Linux, Network devices, etc)
Experience in security technologies, practices, application/network/systems architecture and design, tests tools and processes
CREST Registered Penetration Tester (CRT) or Offensive Security Certified Professional (OSCP)
Familiar with Cyber Security standards (ISO 27001, IEC 62443, NIST)
Good communication, presentation and writing skills in English
Excellent team player and self-starter
Experience in translating business, risk, and regulatory requirements into data protection solutions
Experience in an Information Security related role
Experience with databases and SQL
Hands-on technical experience with infrastructure systems such as networking (e.g. WAF, Firewall, and load balancing), operating systems, SCCM and endpoint engineering, and infrastructure automation implementation or operations.
Experience with Big Data and advanced analytics

16. BS in Software Engineering with 6 years of Experience

Have relevant working experience in industry OT systems (electrical power systems, oil and gas, or renewable energy)
Deep domain knowledge in industry OT business processes, IT/OT architectures, 7 layers of OSI model, and standard industrial communication protocols (MODBUS, IEC 104, DNP3, IEC 61850)
Passionate about network engineering, computer engineering, and cyber security
Programming – Python, ASP.NET, Perl, Java, Shell Scripting
Strong in Proxies, Port Scanners, Vulnerability Scanners, and Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
Certifications such as OSCP, OSCE, OSWE, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB, GWEB) others are highly desired
Experience in data analytics/reporting
Experience or desire to work within Cyber Security Assessments and Cyber Frameworks
Previous experience in security consulting, security architecture, enterprise architecture, business continuity, and/or crisis consulting an advantage
Familiar with Frida and know how to tweak existing or write new Frida scripts
Experience in supporting the end-to-end delivery of large consultancy projects, with a team
Strong ability to understand and quantify client requirements, and propose consultative approaches that will deliver the best possible outcomes for the client
Familiarity with regional regulatory requirements for cyber security – including MAS’s TRM expectations

17. BS in Computer Science with 7 years of Experience

Experience in network systems engineering/IT security
CISCO Certified Network/Design/Security Professional (at least one)
Experience in LAN/WAN architectures & related diagnostic tools
Wireless networking principles and protocols including Ethernet, TCP/IP, VLAN, WLAN, Frame Relay, Firewall, DMZ, VPN, IDS, switches, routers, firewall TCP/IP protocols - SMTP, SNMP, FTP, HTTP, SSH, SSLExperience Network Security - Firewall, ACL, IDS, IPS, SIEM
Specific experience in Cisco Routers, Switches, or FirewallsMicrosoft - Active Directory, DNS, WSUS, Terminal Server
Experience with anti-virus systems, backup & restore solutions, system management
English at least on good communication level
Experience with Windows, Active Directory experience
Technical project management experience
Strong Microsoft Office skills (Powerpoint, Excel and Word)
Mentor and grow the capabilities of fellow team members.
Experience interfacing with non-technical, and technical stakeholders to deliver technical and non-technical information
Excellent verbal and written communication skills

18. BS in Information Technology with 6 years of Experience

CISCO Certified Network/Design/Security Professional, currently certified or in the process of certification
Linux/Windows Security Basics
Experience in Network Security – Firewall, ACL, IDS, IPS, SIEM
Excellent troubleshooting skills to resolve complex network and or application or system integration issues
Experience with virtualization, preferably VMWare
Experience delivering hands-on cyber security consultancy projects with clients, including the basics
Understand that this doesn’t just mean running Nessus.
Experience/knowledge of IT Security
Experience/knowledge in Industrial Networking and experience with Security Projects
Experience in industrial automation network systems engineering
Experience performing audits/assessments
CISCO Certification would represent an advantage or any other similar security certification
Excellent troubleshooting skills to resolve complex network and or application or system integration issues
Basic understanding of Infrastructure Management, Cloud Computing, Network Administration, Systems/OS Administration, Database Management, and Security Testing Services.

19. BS in Information Security with 5 years of Experience

Technical knowledge of Microsoft security and identity technologies, such as Active Directory, Azure Active Directory, Microsoft Defender ATP, Azure ATP, Azure Security Center, and Azure Sentinel.
Knowledge of Cybersecurity and Advanced Persistent Threat (APT).
Credential Theft Mitigation recommended practices.
Knowledge of Security Assessments and Reviews.
Knowledge of security, threat modeling, incident response, and recovery techniques.
Knowledge of Hybrid Cloud and Workload Security configurations and practices.
Ability to design, create and deliver solution frameworks
Knowledge of Security Standards, Policies, and Governance frameworks
Experience in Pre-sales and Delivery Consulting.
Experience giving presentations to executive audiences and explaining the benefits of the Microsoft security platform
Knowledge of competitive security technologies
Open-source software experience
Experience in Information Security/Infrastructure Management
Understanding of Information Security frameworks like ISO27001, PCI DSS, SWIFT CSCF, etc.
Understanding of Information Security requirements in an organization

20. BS in Software Engineering with 6 years of Experience

Proficient English language (CEFR level C1/C2)
Excellent interpersonal skills
Experience of developing and managing positive client relationships
Strong team player with experience of working in virtual teams
Ability to work against tight deadlines and experience in data analytics/reporting
Experience or desire to work within Cyber Security Assessments and Cyber Frameworks
Previous experience in security consulting, security architecture, enterprise architecture, business continuity, and/or crisis consulting is an advantage
Have risk, security, or assurance certifications
Experience with Identity and Access Management solutions across different areas like Access Management (IDP), Identity Governance and Administration (IGA), Privilege Access Management (PAM) etc.
Experience with Identity and Access Management solutions like Oracle Identity Manager, SailPoint IGA, ForgeRock, Okta, Thales STA, RSA, IBM, Cyber-Ark, etc.
Understanding of enterprise directories such as IBM Directory Server, Sun ONE Directory Server and Novell e-Directory, and Oracle Internet Directory
Understanding of Single Sign On and Identity Federation concepts such as SAML, Liberty ID-FF and ID-WSF, WS Federation, OpenID, OAuth, and WS-Security
Understanding of the current regulatory environment and related implications to identity management and security/audit compliance
Understand the PKI technology for authentication, encryption, and digital signing and able to deliver solution plan
Understand the FIDO technology and be able to deliver an implementation plan

21. BS in Information Security with 5 years of Experience

Experience in relevant professional experience (Log Management/SIEM topics)
Solid knowledge and experience in the design, implementation, administration, and performance tuning of Log Management/SIEM products (i.e. IBM QRadar or ArcSight)
Experience with Log Format and Source Data for SIEM Analysis
Knowledge and experience with security technologies, such as Endpoint protection, Firewalls, IDS/IPS, Proxies
Experience with the standard MS Office Suite, Visio, Project, SharePoint
Have an analytical mindset, pay a lot of attention to detail, and have a critical view.
Be a great communicator and problem-solver
Enjoy working with customers and help them understand the necessity of cybersecurity
Certifications like CISSP, CISM, ISO27001, and ITIL
Ability to lead and shape client expectations
Help drive pursuits and engage in complex deals, matching outcomes to expectations
Ability to work easily with diverse and dynamic teams
Experience and success in delivering client engagements on time and within budget.
Comfortable working in a project-based / client-serving model
Effective writing, communication, and presentation skills

22. BS in Computer Science with 6 years of Experience

Experience in cyber incident management, threat hunting and threat intelligence.
Experience in collecting logs from and utilizing HIDS, IDS/IPS systems, SIEMs, AD controllers and firewalls.
Ability to correlate events from various sources to create incident timelines.
Experience in cloud-based infrastructure including Microsoft Azure and Office 365, Amazon AWS, and Google Cloud.
Excellent client-facing skills. Able to communicate at all levels, adapting the style of communication to meet the needs of the audience
Strong understanding of enterprise-grade technical security controls and defense-in-depth practices.
An excellent attitude and the willingness to learn and study for certifications.
Solid understanding and experience in dealing with network architecture, web applications, and associated device
Ability to effectively plan and coordinate projects
Excellent written and verbal communication skills
Demonstrate a high level of accuracy and attention to detail
Demonstrate a flexible approach to work and a high level of self-motivation
Ability to exercise discretion and confidentiality
Familiar with programming languages and scripting, e.g. .NET programming, Java programming, Python, Perl, Javascript, VB Script, Batch Scripting, Bash scripting, Cron scripting, Powershell, etc.
Familiar with the OWASP Testing Guide, OWASP Top Ten Most Critical Web Application Security Risks.

23. BS in Information Technology Management with 8 years of Experience

Experience with application penetration testing and vulnerability analysis
Experience with network penetration testing and vulnerability analysis
Experience in consulting, including both internal and client-facing experiences.
Ability to obtain a security clearance.
Understand the dependencies between business and technology and their implications for business.
Good understanding of web applications, system, and infrastructure architecture.
Familiarity with Virtualised environments and Cloud environments.
Proficient with networking and system administration.
Good understanding of technology controls to address technology vulnerabilities.
Experience with research, technical documentation and analysis.
Knowledge of the Singapore Government regulations and policies.
Ability to demonstrate flexibility, initiative and innovation in dealing with ambiguous, fast-paced situations.
Ability to show proficiency in one or more regional languages and dialects.
Strong communication (i.e., written and verbal), presentation, teamwork skills and resourcefulness.
Deep understanding of risk, business acumen, and ROI.

24. BS in Information Technology Management with 8 years of Experience

Broad and deep understanding of cyber security, Information Assurance, risk management, and information security compliance.
Knowledge and understanding of NIS Directive and UK NIS Regulations.
Security-related qualifications such as CISSP, CISM, CISMP, ISO27001 lead implementer or auditor.
Qualified in, or able to attain, CCP SIRA at senior level.
Experience in the defense industry, ideally across information systems, crypto, and/or Tempest.
Experience working across public and private sectors.
Attention to detail, ability to work methodically and deal with complex situations.
Ability to build effective and strong working relationships with both clients and colleagues.
A good communicator, with the ability to contribute confidently to technical security discussions with peers and management.
Excellent report writing skills, experience of working directly with clients and presenting information and findings in either a report or presentation format.
High level of drive and enthusiasm, flexible and positive attitude, adaptable and resilient.
Supports Ebeni’s core values of Excellence, Benefit, and Integrity.
Must hold or be able to obtain unrestricted Security Clearance
Knowledge of concepts, issues, and techniques of endpoint security
Ability to ensure security compliance of endpoint devices in various circumstances.

25. BS in Cybersecurity with 10 years of Experience

Familiar with cyber security principles, policies, and industry best practices
Experienced in consulting, including internal and client-facing experiences
Possess relevant cybersecurity certifications or accredited experience from CTF
Familiar with system administration on various operating systems flavors (Linux and Windows)
Familiar with programming/scripting languages such as .NET, Python, Bash, and PowerShell
Understand and apply the Cyber Kill Chain
Good understanding with Active Directory and Windows environment
Experienced with tools such as Bloodhound, TinyShell, and the likes
Cyber Security Certifications (e.g. OSCP, SEC564, SEC660, CREST)
Ability to think unconventionally, disruptively and like an adversary
Demonstrable knowledge of the tools and techniques used for creating software, hardware, networking, and application infrastructure
Ability to meet information security objectives while using these
Degree level qualification or equivalent level of experience and hold industry qualifications such as CCSP or CRISC.

26. BS in Computer Science with 10 years of Experience

Be organized, flexible, and able to manage several files.
Be rigorous and able to identify, assess, and prioritize risks.
Possess an entrepreneurial mindset and a high level of enthusiasm, whilst behaving with integrity and having the courage to lead.
Demonstrate a commercial drive with excellent writing, communication and presentation skills.
Appreciate working in a highly dynamic & international environment whilst being a true team player.
Proven knowledge of the processes, tools, and techniques of information security management, ability to deploy and monitor information security systems, as well as detect, resolve, and prevent violations of IT security, to protect organisational data.
Working knowledge of tools, techniques, approaches, and processes of cybersecurity risk management
Ability to ensure organizational network operation and minimize negative effects by cybersecurity risks.
Ability to protect information and information systems while ensuring their confidentiality, integrity, and availability.
Specialist knowledge of vulnerability assessment tools, techniques, models, and systems, ability to utilise the knowledge to identify vulnerabilities on network, operating system, mobile application, etc.
Ability to obtain and maintain the required clearance for this role
Experience with continuous monitoring, previous Federal consulting experience
Understanding of fundamental cloud computing concepts
Experience with Information Assurance concepts and processes within the Federal government
Knowledge of and experience with Federal security regulations, standards, and processes, including FISMA, FIPS, NIST, and FedRAMP

27. BS in Information Technology with 8 years of Experience

Direct Information Security experience in a security analyst, engineer, architect, consultant, or a similar role
Technical knowledge across a broad range of computing platforms and network protocols
High proficiency in a variety of operating systems such as Unix/Linux/Mac/Windows operating systems, including bash and PowerShell
Know-how in manual techniques for penetration testing (network equipment, servers, web applications, APIs, wireless, mobile, databases, and other information systems)
Professional experience testing web applications for common web application security vulnerabilities as defined by OWASP, including input validation vulnerabilities, broken access controls, session management vulnerabilities, cross-site scripting issues, SQL injection and web server configuration issues
Tools – Proxies, Port Scanners, Vulnerability Scanners, Exploit Frameworks (ex: Burp, Nessus, Nmap, Metasploit)
Strong oral and written communication skills, including a demonstrated ability to prepare quality documentation and presentations for technical and non-technical audiences
Certifications such as OSCP, OSCE, OSWE, CREST CRT, GIAC (GXPN, GWAPT, GPEN, GMOB)
Must have fluent written skills in English and Spanish
Excellent interpersonal skills, capable of interacting with people at all levels, team player
Action-oriented and results-driven
Organized with strong time-management skills
Flexible attitude, reliable
Customer-friendly approach and appearance
Strong problem-solving and analytical skills
Proactive and initiative-driven

28. BS in Network Security with 6 years of Experience

Highly developed skills in establishing and managing professional relationships, including the ability to understand strategic risk management and enterprise governance objectives.
Ability to work autonomously, and to work with both technical and non-technical stakeholders in an efficient and effective collaborative manner.
Strong personal communication and consultation skills appropriate for all levels of the organization including proven ability to prepare effective reports, address meetings, facilitate groups
Strong skills in negotiation, consultation and conflict resolution.
Extensive experience working in a senior ICT role within large, complex environment
Extensive experience in the application of ICT risk assessment and management processes for complex business environments and supporting ICT infrastructure
Experience with ICT vendor service management, SaaS/PaaS/IaaS services, enterprise content management systems, electronic document management systems, and SAP enterprise resource planning systems, are desirable but not mandatory
The expectation from role is to conduct business stakeholder meetings to understand the data related to the systems owned by various teams, the PII considerations associated with those applications and gathering requirements from those stakeholders to protect PII data.
Attitude to the consultant profession
Certifications in Information Security and IT areas (e.g. ISO-IEC 27001, ISO 22301/3100, COBIT, ITIL, etc.) or project management (e.g. Prince II, etc.)
Knowledge of information security technologies such as PAM and PKI
Good communication and written skills
Positive working attitude and passion for information security
Excellent oral and written communication skills both in Italian and English
Knowledge of the main tools of Microsoft Office package (MS Word, MS PowerPoint, and MS Excel)

29. BS in Information Security with 5 years of Experience

Experience in the field of Cyber Security preferably with a Fortune 500 company.
Experience in managing CSIRT & SOC operations for the organization.
Experience leading high-functioning teams
Have vulnerability management/risk assessment experiences.
Experience with collecting, analyzing, and interpreting qualitative and quantitative data from multiple sources
Experience in managing SOC/IR service provider
Ability to handle high-pressure situations with key stakeholders
Proficient in Incident Management and Response
In-depth knowledge of security concepts such as cyber-attacks and techniques, threat vectors, risk management, incident management, etc.
Proficient in the preparation of reports, dashboards, and documentation
Excellent communication and leadership skills
Good Analytical skills, problem-solving, and Interpersonal skills
Experience with cyber, incident response and digital forensics, security engineering, security operations, computer network operations, information operations, information warfare, or topical cyber
Good analytical skills and attitude to problem-solving
Good relationship and communication skills

30. BS in Software Engineering with 6 years of Experience

Implementing security standards such as ISO27001, PCI DSS, PSN, NIS Directive
Conducting cyber security risk assessments and managing risk management activities
Extensive knowledge of IT systems covering traditional infrastructure, cloud platforms, and SaaS
Hands-on experience with several security tooling, including but not limited to – Cloud Security (Azure/AWS), Office 365, Microsoft/Defender ATP
Proven experience effectively prioritizing workload to meet deadlines and work objectives
Demonstrated ability to write, succinctly, and in a manner that appeals to a wide audience
Proficiency in word processing, spreadsheet, presentation, and Internet research tools
Background in both accounting and cybersecurity
Prior knowledge and understanding of relevant legal and regulatory requirements, such as the Health Insurance Portability and Accountability Act (HIPPA), Payment Card Industry/Data Security Standard (PCI DSS), SANS and ISO27001
Prior knowledge and understanding of common information security management frameworks such as HITRUST, ISO, IEC27001, ITIL, COBIT
CISSP, CISM, or other information security certification
Knowledge transfer to MC2 teams for cybersecurity
Conduct Phishing campaign for MC2
Be good at identifying security flaws/risks in IT solutions and know how to deal with these

31. BS in Computer Science with 10 years of Experience

Experience in cyber security consultancy.
In-depth/hands-on experience with SOC Operation and SIEM.
CISSP, GSEC or GCIH, ISMS certifications
Experience in working within service delivery frameworks, such as ITIL.
Understanding of ISMS concepts and have excellent knowledge of IT Security best practices.
Experience in involvement in software development environment and process.
Proficient English language (CEFR level C1/C2)
Excellent interpersonal skills
Experience in developing and managing positive client relationships
Strong team player with experience working in virtual teams
Ability to work against tight deadlines
Risk, Security, or Assurance certifications
Experience working within a recognized Information Security governance framework (HMG SPF, NIST, ISO-27001 or similar)
Experience in producing comprehensive information risk assessments
Knowledge of the NIST Framework and ISO framework

Relevant Information

Cybersecurity Analyst Skills, Experience, and Job Requirements

Cybersecurity Architect Skills, Experience, and Job Requirements